Andrey Meshkov

Issues&releases are maintained by the QA team. Devs may be “summoned” to a particular issue when required but most of the work is done by QA. Issues are also automatically synced to JIRA. There’re many changes and re-labeling by “adguard-bot”, this all actually comes from JIRA sync.

@ay_meshkov @AdGuard both issues and releases seem to be actively maintained, but you're saying that devs don't keep track of what's happening on github, so i'm not really sure what's up here

Hi, let me please answer from the personal account as at this time there’s no one to answer from the company account. It’s not that hard to miss considering that the mirrored branch is not the default one on Github so you don’t see when you just open the repo. Internally we use self-hosted Git so devs also just don’t follow the state of the source code on GH.

@AdGuard how did not a single person notice that code wasn't being published for 8 months? it's impossible, really

i just noticed that adguard stopped pushing the source code for their ios adblocker 8 months ago while still publishing releases with the outdated source code the sudden change in code publicity is almost never a good sign, i feel like there might be some funny business going on

🚨@GitHub has flagged several key contributors to ad-blocking filter lists, impacting the popular List-KR and disrupting our workflow. We suspect this is due to automated protections, not malicious activity (1/3)🧵

@LWGShane @GRos3s @AdGuard The wording is not ideal here. The problem is that the card payment provider that we're using does not allow changing email address of an existing subscription and thus it will continue to send emails to the old address.

@AdGuard's "Change Email" feature is useless as they state that "All payment info, including receipts, will still be sent to the previous address." #wtf #cybersecurity #cybersecurityfails

@Apple There's still this crazy Core Technology Fee tax but I hope EU antitrust authorities can make Apple reconsider the current approach.

Did I miss something or @Apple just allowed proper (almost) side-loading? For now in EU only. developer.apple.com/documentation/…

@opera Resolved, @opera folks are great!

Anyone from @opera out there? We've got a pretty critical issue with Opera Add-ons store: github.com/AdguardTeam/Ad…

Happy birthday to my blocklist, 26 years old today.

The problem is that is still requires routing all the traffic through the app which seems like an overkill for just SNI splitting. The alternative approach would be to do that for a selected list of domains and just “redirect” those domains to a local snippet proxy. But then the question is which domains to redirect? Probably, requires UI to configure and overall, it will be quite a big task if we go this way. That’s what was stopping us from doing that. I’d honestly prefer having proper CoreLibs filtering ported to iOS, if they at some point allow sideloading in EU, we’ll start working on that.

@ay_meshkov @AdGuard Agreed, full scale filtering will need Lowe level access. But SNI obsfucation used by them is effective but they use legacy DNS. Your app is streets ahead and if the SNI part can be added it’s going to be amazing.

@AdGuard when will you update the app to allow for DPI and SNI obfuscation like the Mac app? apps.apple.com/us/app/unicorn… is doing this now but doesn’t yet take DOH/DOQ/DOH3 DNS urls

@JonoH @AdGuard If the only required feature is SNI split than it may be implemented as is indeed, but I doubt about full-scale filtering

@ay_meshkov @AdGuard If unicorn is doing it, can the same methods be used by you guys for the SNI spoof? You have the same functionality on your macOS app. If unicorn took DOH URLs for DNS it would be a 1 stop shop and I’d much rather stick with the work from you guys at adguard. Love the product

🚨Last Call for the Ad-Filtering Dev Summit starting TOMORROW!🚨 Don't miss discussions from @ay_meshkov, @gertrudkolb, @pgl, @fanboynz, @avl7771, @LisetteMeij & more on urgent ad-blocking community topics. Secure your spot now! #AFDS2023 adfilteringdevsummit.com

Well, it's not supposed to be used as a library yet, it does not clean up connections properly at the moment. Maybe one day I'll refurbish it into "libgocurl", then it'll be the time. Regarding the docs, it may sound strange, but that's how it works :) 1. crypto.cloudflare.com is used as a relay, a client-facing server. In the case of CF you probably can use any domain as a relay since they are on the same anycast network, what matters is the IP address. 2. Unencrypted (outer) ClientHello uses the domain from the DNS record, it's "cloudflare-ech.com" currently. 3. And finally the encrypted (inner) ClientHello will use the server name that you actually want to connect to.

@ay_meshkov Niiice. I think, I could use gocurl as TLS Dialer in my app? 🙃 Docs confuse me, though: > 1. Connects to crypto.cloudflare.com > 2. ClientHello w/ cloudflare-ech.com > 3. Inner encrypted Client hello w/ cloudflare.com 3 should say crypto.cloudflare.com?

Curl is undoubtedly an awesome tool, but it's been too often lately when I couldn't do what I needed with it. I am too lame to patch curl so I made my own instead: github.com/ameshkov/gocurl It's basically a simplified version of curl written in pure Go, but it also adds some new stuff: encrypted ClientHello support, json output, splitting clienthello, HTTP/3 out-of-the-box.

@rethinkdns Already there: #ech" target="_blank" rel="nofollow noopener">github.com/ameshkov/gocur…

@ay_meshkov this is neat, thanks. sni=plaintext, next? 🫣

@rethinkdns Well, there's nothing to fix so here it comes: #pq" target="_blank" rel="nofollow noopener">github.com/ameshkov/gocur…

@rethinkdns Would be great! It seems we need CF to fix this bug first: github.com/cloudflare/go/…

@pgl @yandexcom @iam_py_test Actually the news are pretty old, they’re doing it since years ago:(

@ay_meshkov @yandexcom cc: @iam_py_test

Oh come ON, @yandexcom. "Yandex Browser patches uBlock Origin, so it won't block ads on Yandex's websites and says that you can't install that extension in Opera Store, when you can" reddit.com/r/assholedesig…

You didn’t hear about it because they target russian speakers only. A few years ago it’s market share in russia was about 25%, now I think it’s even higher. Besides that, it’s probably the most serious Chromium fork out there if counting the sheer number of original features and modifications, Opera and Brave aren’t even close. Sadly, there are also dubious if not outrageous decisions like this one with limiting ad blockers permissions.

@pgl @yandexcom I never heard of that browser before. But now I know why 😂